CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals

Efrat Levy, Asaf Shabtai, Bogdan Groza, Pal Stefan Murvay, Yuval Elovici

Research output: Contribution to journalArticlepeer-review

5 Scopus citations

Abstract

The Controller Area Network (CAN), which is used for communication between in-vehicle devices, has been shown to be vulnerable to spoofing attacks. Voltage-based spoofing detection (VBS-D) mechanisms are considered state-of-the-art solutions, complementing cryptography-based authentication whose security is limited due to the CAN protocol's limited message size. Unfortunately, VBS-D mechanisms are vulnerable to poisoning performed by a malicious device connected to the CAN bus, specifically designed to poison the deployed VBS-D mechanism as it adapts to environmental changes that take place when the vehicle is moving. In this paper, we harden VBS-D mechanisms using a deep learning-based mechanism which runs immediately, when the vehicle starts; this mechanism utilizes physical side-channels to detect and locate physical intrusions, even when the malicious devices connected to the CAN bus are silent. We demonstrate the mechanism's effectiveness (100% intrusion detection accuracy and error rates of close to 0%) in various physical intrusion scenarios and varying temperatures on a CAN bus prototype. In addition, we present a deep learning-based VBS-D mechanism that securely adapts to environmental changes. This mechanism's robustness (99.8% device identification accuracy) is demonstrated on a real moving vehicle.

Original languageEnglish
Pages (from-to)4800-4814
JournalIEEE Transactions on Information Forensics and Security
Volume18
DOIs
StatePublished - 20 Jun 2023

Keywords

  • Authentication
  • CAN Bus
  • Deep learning
  • Feature extraction
  • Intrusion detection
  • Location awareness
  • Prototypes
  • Voltage
  • deep learning
  • side-channel analysis

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals'. Together they form a unique fingerprint.

Cite this